Pre-encryption makes cloud-based storage safer

TOP STORY

Pre-encryption makes cloud-based storage safer

By Fred Langa

I must confess: Until recently, I deeply distrusted the security of cloud-storage services such as SkyDrive, Google Drive, and Dropbox. But now, thanks to pre-encryption software, I'm now comfortably using several cloud services — with no worries about the security and privacy of my files.

As you discuss in another article in the current newsletter the problem of getting past a deceased's password, one reason I use the Cloud is so my children could access my personal details the day I'm dead and gone (they would have my Cloud-drive password). What would they do if all the files had gone through this Boxcryptor software on my computer?

Great article but leaves a question in my mind. Sounds like the files in the Boxcryptor folder are automatically decrypted on my computer; shouldn't I or anyone on my computer have to enter the password? If not, my computer is hackable. A user needs encryption on both his computer and the cloud.

Boxcryptor, like every other piece of commercial software has a backdoor for government access by NSA and other agencies. As far as I am concerned if the government has access then that is just as bad as any hacker that might have access. If you want any privacy don't put anything of any importance on any computer that has internet access.

This is totally, and absolutely, useless! The algorithm is stored within the application that does the pre-encryption.. ON the harddrive on the main PC! Did you not say that the purpose of off-site backups is protection due to loss of the main pc, or it's harddrives?
Just how are you going to decrypt these cloud-based files after something like that?

This is totally, and absolutely, useless! The algorithm is stored within the application that does the pre-encryption.. ON the harddrive on the main PC! Did you not say that the purpose of off-site backups is protection due to loss of the main pc, or it's harddrives?
Just how are you going to decrypt these cloud-based files after something like that?

But a much simpler solution would be to use a 'zero-knowledge' cloud-based storage provider - such as SpiderOak.

Dropbox and SkyDrive et all encrypt the tunnel by which your data is uploaded to them, but once it gets out of the pipe at their end, it is clear to read. Obviously they have procedures and policies in place, but should those policies and procedures fail or be circumvented by an employee, you're exposed.

SpiderOak is one of the few that encrypts your data before it leaves your computer - so that what they receive at their end, and store on their servers, is gibberish. Only you can read it, using your key that you control.

The advantage of SpiderOak is that it's one simple piece of software, like DropBox. Set it and forget it. I have a DropBox folder for my 'casual' data - cat gifs, essential tools and drivers, etc - and a SpiderOak folder for my 'serious' data - banking, taxes, legal etc.

Not only do I see a lot of caveats in the instructions dealing with Windows itself - certificate conflicts, etc - but BoxCryptor also requires smooth interoperability with a third party's software - SkyDrive, DropBox, etc. I'm always wary of that - too many cooks can spoil the soup.

Doccus: that is a very interesting point! I wonder if you tried to use another PC with another installation of Boxcryptor would it be able to decrypt your files from the cloud? That's something the article should address.

Sorry, but this defeats the major purpose for cloud based storage, especially Skydrive and Google Drive...to use cloud based office apps to work collaboratively with others. The encrypted files cannot be opened by Office 365 online apps, cannot be downloaded and used by other people unless they know your encryption password, thereby defeating the purpose of encrypting in the first place.
Realistically, anyone who can hack a Skydrive account will be able to decrypt a Boxcryptor cypher. On top of that, if there is any information SO important that you need to double encrypt it, you would be a complete fool to put it online anyway. Anything can be hacked. Anything. The question is, do you have anything valuable enough for someone to put the costly resources and time into it?
If you are a large multinational corp with billions of dollars in transfer, ok. But sorry Fred...you just don't have enough money, influence or affect enough of the world economy to be worth hacking. And if I am mistaken, and you are, then it is much easier to break into a business and steal the computer hardware than try to hack online accounts. And if criminals are really serious, they do worse things.
I think this is a bit of paranoia in a world that really doesn't care much about the individual...they care about the big businesses and will go after them.

Sorry, but this defeats the major purpose for cloud based storage, especially Skydrive and Google Drive...to use cloud based office apps to work collaboratively with others.

Exactly so...or even collaborating with yourself on different devices (desktop, smartphone, tablet).

I think this whole secrecy thing is taken too seriously. If you have something that absolutely, positively cannot be seen by others, don't put it online at all. Don't put it on a computer, for that matter. For the vast majority of us, hyper-encryption, double-encryption, etc. is just a paranoid waste of effort that further blocks productivity.

Well, before leaving my comment, I had considered a USB key with the application on it, which would then contain the cipher, but, hey, realistically, just how many people walk around all day with a USB key in their pocket and don't eventually end up just forgetting it at home..
....until.. that fateful day. When the SHTF and your beloved Vista PC goes up in smoke ;-) (sorry couldn't resist!)
But, seriously.. unless you have something like, say, a keybob USB key, your likely to be SOL...

Doccus: that is a very interesting point! I wonder if you tried to use another PC with another installation of Boxcryptor would it be able to decrypt your files from the cloud? That's something the article should address.

In my other reply I didn't address your point. I think it is a given that no two installations of Boxcrypter, or any other encryption software , would ever have the same algorithm. I mean, if they did, it would be like a lock service selling locks all with the same key!